New ID-card fault could have been intentional

Gemalto, the manufacturer of Estonian ID-cards, ignored security requirements, say the experts who confirmed the latest security fault. To avoid long queues, the card personalisation machines were programmed to generate ID-card encryption keys in a less secure way. The manufacturer denies wrongdoing but could be facing a lawsuit.

The Estonian ID-card was hit by its second security scandal in the past year when the State Information System's Authority (RIA) and the Police and Border Guard Board (PPA) revealed that the private encryption keys of more than 70,000 ID-cards had been generated outside the chip and then written onto the cards.

Some 12,500 such cards are still in use today. Cardholders will be given two more weeks to replace them, after which their certificates will be revoked and the cards can no longer be used to access e-services.

RIA was told about the vulnerability in February of last year, when University of Tartu researcher Arnis Paršovs shared the results of his analysis with the agency.

Paršovs came across two ID-cards carrying identical public keys. That contradicts a basic premise of ID-card security: a key pair generated by the chip's own random number generator should never be reproduced by another card, so the duplicate could only be explained by keys having been generated outside the chips.

“It is a procedural mistake pure and simple,” said head of the eID department at RIA, Margus Arm. It turned out that chip manufacturer Gemalto had set up the PPA’s machines to generate keys outside chips.

A copy of such a private key would, in theory, let an attacker log in to e-services without the victim's ID-card or PIN codes. No such cases have been reported.

To save time

Verifying the vulnerability took nearly 18 months, as RIA did not take Paršovs at his word. Last summer brought the ID-card security crisis, when a group of Czech researchers found that the widely used chip suffered from the so-called ROCA weakness, a flaw in the chip's own RSA key generation. Once that vulnerability had been addressed a few months later, RIA tasked its partner AS Cybernetica with verifying Paršovs' claim. Cybernetica and University of Tartu researchers found that the keys of 74,581 ID-cards had been generated outside the chip.

Cybernetica CDO Arne Ansper said that Paršovs, like the Czech researchers, examined the public keys of Estonian ID-cards for regularities. The structure of a public key often reveals which device or program generated it.

“The most interesting thing was that some public keys matched one for one. Two cards being able to generate the exact same key cannot be explained,” Ansper said.

Next, Cybernetica analysed the public keys using statistical methods and found a set of shared characteristics in keys from chips of the generation before last that had been updated at PPA service bureaus. Estonia's contract with the manufacturer states that keys must be generated on the chip and that private keys must never leave it.

“In the cases we found, the chance that keys were generated by the cards themselves was microscopic. That is why it is as good as certain that the keys have not been generated on the cards,” Ansper explained.
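The first check the researchers describe, comparing public keys across the whole card population for exact duplicates, is easy to reproduce on a key dump. The example below is added here and is not code from the article, from Paršovs or from Cybernetica; the card identifiers, the tiny prime factors and the resulting moduli are constructed toy values standing in for real 2048-bit RSA keys. It goes one step beyond the article: besides identical moduli it also runs a batch GCD over the key set, which catches moduli that merely share one prime factor, the other classic symptom of a common key generator (the article reports duplicates only, not shared factors).

```python
from collections import defaultdict
from math import gcd

# Constructed toy key set (NOT real ID-card keys): tiny primes stand in for the
# 1024-bit primes of a real RSA modulus, with the usual public exponent 65537.
# card-B and card-C carry the identical modulus (the case the researchers
# observed); card-D and card-E share one prime factor (a related failure mode
# of an off-chip generator that the article itself does not report).
E = 65537
SAMPLE_KEYS = {
    "card-A": (1009 * 1013, E),
    "card-B": (1019 * 1021, E),
    "card-C": (1019 * 1021, E),   # duplicate of card-B
    "card-D": (1031 * 1033, E),
    "card-E": (1033 * 1039, E),   # shares the prime 1033 with card-D
    "card-F": (1049 * 1051, E),
}


def find_duplicate_moduli(keys):
    """Group card ids by modulus; every group larger than one is a duplicate key.

    Two chips producing the same 2048-bit key from independent on-chip
    randomness has negligible probability, so a duplicate is strong evidence
    that the key was produced, and reused, outside the chip.
    """
    by_modulus = defaultdict(list)
    for card_id, (n, _e) in keys.items():
        by_modulus[n].append(card_id)
    return sorted(sorted(ids) for ids in by_modulus.values() if len(ids) > 1)


def batch_gcd(moduli):
    """Return gcd(n_i, product of all other moduli) for every modulus n_i.

    Product tree plus remainder tree (the batch-GCD method of Bernstein and of
    Heninger et al.), which scales to tens of thousands of moduli where a
    pairwise gcd loop would be quadratic. A result equal to n_i means an
    identical modulus exists elsewhere in the set; 1 < result < n_i means a
    shared prime factor, which factors both keys outright.
    """
    tree = [list(moduli)]
    while len(tree[-1]) > 1:                      # build the product tree
        level = tree[-1]
        tree.append([
            level[i] * level[i + 1] if i + 1 < len(level) else level[i]
            for i in range(0, len(level), 2)
        ])
    remainders = tree.pop()                       # root: product of all moduli
    while tree:                                   # walk back down: P mod x^2
        level = tree.pop()
        remainders = [remainders[i // 2] % (x * x) for i, x in enumerate(level)]
    return [gcd(r // n, n) for r, n in zip(remainders, moduli)]


def audit_keys(keys):
    """Flag every card whose modulus is duplicated or shares a factor."""
    duplicates = {c for group in find_duplicate_moduli(keys) for c in group}
    ids = list(keys)
    moduli = [keys[i][0] for i in ids]
    findings = {}
    for card_id, n, g in zip(ids, moduli, batch_gcd(moduli)):
        if card_id in duplicates:
            findings[card_id] = "duplicate modulus"
        elif g > 1:
            findings[card_id] = "shared factor %d" % g
    return findings


if __name__ == "__main__":
    print("duplicate groups:", find_duplicate_moduli(SAMPLE_KEYS))
    for card_id, finding in audit_keys(SAMPLE_KEYS).items():
        print(card_id, "->", finding)
```

On a real dump the moduli would be the RSA `n` values parsed out of each card's certificate; the logic is unchanged, only the integers are larger. A hit from either check is a finding about the generator, not about any single card, which is why the investigation went on to look at the statistical fingerprint of the whole affected batch.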

What happened? Ansper said it is likely that Gemalto had programmed the system to generate keys outside the chips during that period.

“It probably followed some sort of practical consideration, perhaps to save time. Generating the keys outside the card can probably be done relatively quickly. Having the chip do it could take quite a bit of time,” he said.

Generating a key pair on the chip can take minutes, and in some cases considerably longer. Gemalto appears to have resolved the bottleneck after 2014, after which no more keys were generated outside chips.

This latest fault is very different from the one found by the Czech researchers. The affected cards cannot be broken into through the key itself, as the private key cannot be derived from the public key. The only risk is that a copy of the private key, which once existed outside the chip, could have been taken.

New lawsuit in the air

Ansper said that it is impossible to speculate whether any weak keys have been stolen. “There might be no such keys. It would take a very thorough investigation to determine something like that. Frankly, I do not even know whether it would be possible,” he added.

Director General of RIA Taimar Peterkop said that the agency has been aware of a potential security fault since the beginning of last year, and that it has been very difficult to move forward with that knowledge.

“It has constantly been at the back of my mind; I’ve been losing sleep over it from last February,” Peterkop said. He added that there are no new ID-card security issues on the agency’s radar.

The PPA has filed a new claim for damages against Gemalto over the fault. The agency's document expert Kaija Kirch said that the company replied yesterday that it neither acknowledges the violation nor accepts the claim. The PPA and RIA do not rule out suing Gemalto over both the earlier and the recent security faults.

"We filed a claim when we had finished our initial analysis. They replied late yesterday evening and denied everything. They have not said anything else," Kirch said. She is not at liberty to disclose the amount of the claim.

Margus Arm said that the analysis suggests the fault lay with the process Gemalto had created. "We find that we hit the wall every time we talk to the manufacturer. They say nothing of the sort has happened," Arm said.

The PPA has also carried out a service audit. It found that the agency had not known that the manufacturer was generating keys outside chips.

“We also have no reason to believe that affected cards have been misused or that someone has access to their private keys. While it is theoretically possible, there are no signs of any incidents at this time,” the police communicated.

Gemalto will continue to manufacture ID-card chips until the end of this year. Postimees contacted the company's representative for comment but had not received a reply by the time the article went to print.